<?php
class Plugin_AccessCheck extends Zend_Controller_Plugin_Abstract {
    
    private $acl = null;
    private $auth = null;
    
    public function __construct(Zend_Acl $acl,Zend_Auth $auth) {
        $this->acl =$acl;
        $this->auth =$auth;
    }
    
    public function preDispatch(Zend_Controller_Request_Abstract $request){
        
        $resource = $request->getControllerName();
        $action = $request->getActionName();
        if(Zend_Auth::getInstance()->hasIdentity()){
            $identity = $this->auth->getStorage()->read();
            $role = $identity->role;
            
            if(!$this->acl->isAllowed($role,$resource, $action)){
                $request->setControllerName('authentification');
                $request->setActionName('login');
            }
        }else{
            $request->setControllerName('authentification');
            $request->setActionName('login');
        }
    }
}
?>
